Healthcare provider Ascension warns that it has suffered from a ‘cyber security event’ – Business

U.S. healthcare provider Ascension is warning that it has suffered from a “cyber security event” that has resulted in disruptions to clinical operations.

In a network interruption update, Ascension said that it first became aware of issues today when it detected unusual activity on select technology network systems. Upon detecting the “cyber security event,” the nonprofit activated its remediation efforts, with some systems interrupted as the process continued.

Ascension has engaged Google LLC’s Mandiant to assist in the investigation and remediation process and has informed relevant authorities. “Together, we are working to fully investigate what information, if any, may have been affected by the situation,” Ascension wrote. “Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines.”

Out of an abundance of caution, Ascension is also recommending that business partners temporarily suspend their connections to the Ascension environment. Partners will be informed when it is safe to reconnect.

Founded in 1999, Ascension is one of the largest nonprofit and Catholic health systems in the U.S., while also ranking second in the U.S. by number of hospitals in 2019. Ascension also runs a pharmacy system called AscensionRx.

While Ascension has not disclosed the form of the attack, if it sounds like ransomware, it usually is. The fact that it took systems offline points to a ransomware attack, since rule one in a ransomware attack is to disconnect systems to stop the ransomware from spreading laterally across an internal network. And if it is a ransomware attack, Ascension is far from the first healthcare provider to be targeted.

UnitedHealth Group Inc., the largest health insurer in the U.S., reported in April that it was investigating the theft of data following a cyberattack in February. As with Ascension, UnitedHealth was also forced to take systems offline and suffered from service disruptions.

As it later turned out, UnitedHealth had been targeted by the ALPHV/Blackcat ransomware gang. The ransomware gang’s affiliates had gained access to UnitedHealth through stolen credentials and as The Register reports, they didn’t have multifactor authentication enabled.

Photo: Ascension